danmcd
commented
8 years ago I'd have to inspect it more, but it looks like build/mozilla-nss-nspr/nss.mog needs to call out certutil & friends for packaging.
Open lotheac opened 8 years ago
danmcd
commented
8 years ago I'd have to inspect it more, but it looks like build/mozilla-nss-nspr/nss.mog needs to call out certutil & friends for packaging.
lotheac
commented
8 years ago On Wed, Oct 28 2015 03:40:36 -0700, Dan McDonald wrote:
I'd have to inspect it more, but it looks like build/mozilla-nss-nspr/nss.mog needs to call out certutil & friends for packaging.
I looked at it briefly and upon seeing the nss/nspr packaging script decided that it's best to defer to your expertise on the subject :) Thanks.
Lauri Tirkkonen | lotheac @ IRCnet
danmcd
commented
8 years ago BTW, this won't make r151016 except maybe as an update.
lotheac
commented
8 years ago On Wed, Oct 28 2015 04:59:22 -0700, Dan McDonald wrote:
BTW, this won't make r151016 except maybe as an update.
That's okay, it's not a big issue for us right now as we currently just ship a known-good trusted cert db file via config management (ie. can use another OS to create it). It would probably be good to have a working way to configure trusted LDAP CAs in the OS itself at some point though :)
Lauri Tirkkonen | lotheac @ IRCnet
idodeclare
commented
8 years ago I'm trying to connect omnios to ldaps, but I'm stymied by omnios-151018's lack of certutil. I'll build a transient VM with another distro (I see joyent's illumos-extra) in order to export to omnios à la @lotheac, but I agree it would be nice to have it in the omnios base.
The nss packages don't include certutil, which is needed eg. for configuring ldapclient certificates.